Current Activity provides timely information on security risks to help you better protect your systems from malware campaigns and mitigate against new software vulnerabilities.
Microsoft has released updates to address vulnerabilities in Microsoft Development Tools and Server Software as part of the Microsoft Security Bulletin summary for September 2012. These vulnerabilities may allow an attacker to operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.
US-CERT has released Vulnerability Note VU#636312 to address a vulnerability in Oracle Java Runtime Environment (JRE) 1.7. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system.
US-CERT encourages users and administrators to review Vulnerability Note VU#636312. This advisory includes possible workarounds that help mitigate the risk against known attack vectors by disabling the Java plug-in.
Update: Oracle has released an out-of-band patch to address this vulnerability. US-CERT encourages users and administrators to review the Oracle Security Alert for CVE-2012-4681 and apply any necessary updates to help mitigate the risk.
US-CERT is aware of multiple malware campaigns impersonating multiple U.S. government agencies, including the United States Cyber Command (USCYBERCOM) and the Federal Bureau of Investigation (FBI). Once installed on a system, the malware displays a screen claiming that a Federal Government agency has identified the user's computer as being associated with one or more crimes. The user is told to pay a fine to regain the use of the computer, usually through prepaid money card services.
Affected users should not follow the payment instructions. US-CERT encourages users to follow the recommendations in Security Tip ST05-006, Recovering from Viruses, Worms, and Trojan Horses. Users may also choose to file a complaint with the FBI's Internet Crime Complaint Center (IC3).
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, SQL Server, Server Software, Developer Tools, and Exchange Server as part of the Microsoft Security Bulletin summary for August 2012. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.
Additional information regarding the bulletin can be found in US-CERT Technical Alert TA12-227A.
The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities:
These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, disclose sensitive information, operate with elevated privileges, bypass security restrictions, or perform a cross-site scripting attack.
US-CERT encourages users and administrators to review the Mozilla Foundation Advisory for Firefox 14, Firefox ESR 10.0.6, Thunderbird 14, Thunderbird ESR 10.0.6, and SeaMonkey 2.11 and apply any necessary updates to help mitigate the risk.